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The MAILING DATE of this communication appears on the cover sheet with the correspondence address « 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 136(a). In no event, however, may a reply be timely filed 
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Disposition of Claims 

4) ^ Claim(s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 13 Claim(s) 1-20 is/are rejected. 

7) (El Claim(s) 18-20 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 
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DETAILED ACTION 



Claim Objections 



Claims 18-20 are objected to because of the following informalities: 



Claims 18-20 should depend on claim 17 not claim 18. 



Appropriate correction is required. 



Claim Rejections - 35 USC § 102 



2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless: 
(e) the invention was described in 

(1) an application for patent, published under section 122(b), by another filed in the United 
States before the invention by the applicant for patent or 

(2) a patent granted on an application for patent by another filed in the United States before the 
invention by the applicant for patent, except that an international application filed under the 
treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claims 1-20 are rejected under 35 U.S.C. 102(e) as being anticipated by Aucsmith 
[6,134,551]. 

Regarding to claim 1, Aucsmith discloses a system comprising: 
a plurality of certificate authorities (CAs) in which each CA maintains and distributes 
digital certificates revoked by itself in the form of a certificate revocation list (CRL), and 
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different CAs may use different CRL distribution mechanisms (Aucsmith, Fig. 2, col. 3, lines 14- 
22); 

a plurality of CRL databases for storing the consolidated CRLs from multiple CRL 
retrieval agents and/or the replications of CRLs (Aucsmith, Fig. 2, 222 - "Invalidity Database", 
218 - "Local Invalidity Cache"); and 

a CRL access user interface for providing a uniform set of APIs for user's accessing the 
CRLs CRL databases, said system enabling consolidation and access of the certificate revocation 
list (CRL) (Aucsmith, 23-52, "the client 210 performs a lookup in a local invalidity cache 218. 
... the client may perform an invalidity confirmation process wherein the client communicates 
with the server 220 and requests a lookup to confirm the key's membership in invalidity database 
222"). 

Regarding to claim 2, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1, and further discloses said plurality of CRL databases include a central CRL database 
and a plurality of CRL replication databases, said central CRL database for storing the 
consolidated CRLs from the multiple CRL retrieval agents, and said plurality of CRL replication 
databases for storing the replications of the CRLs of the central CRL database (Aucsmith, Fig. 2, 
col. 3, lines 14-67). 

Regarding to claim 3, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1, and further discloses CRL retrieval agents include a LDAP/CRL retrieval agent, for 
periodically retrieving CRLs from specified LDAP servers and updating the CRL databases 
(Aucsmith, col. 3, lines 53-67, "Local invalidity cache is a bloom filter of all the invalid keys in 
the database 222. ... Any of the bloom filter vectors, coefficients, and prime key values may be 
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downloaded from server 220 by client 210 upon demand, at regular intervals, or other defined 
intervals according to the established protocol". The established protocol inherently includes 
LDAP server). 

Regarding to claim 4, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1 , and further discloses CRL retrieval agents include a HTTP/CRL retrieval agent, for 
periodically retrieving CRLs from specified HTTP servers and updating the CRL database 
(Aucsmith, col. 3, lines 53-67, "Local invalidity cache is a bloom filter of all the invalid keys in 
the database 222. ... Any of the bloom filter vectors, coefficients, and prime key values may be 
downloaded from server 220 by client 210 upon demand, at regular intervals, or other defined 
intervals according to the established protocol". The established protocol inherently includes 
HTTP server). 

Regarding to claim 5, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1, and further discloses CRL retrieval agents include a RFC1424/CRL retrieval agents, for 
periodically sending RFC1424/CRL retrieval request and receiving CRL retrieval reply 
(Aucsmith, col. 3, lines 53-67). 

Regarding to claim 6, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1, and farther discloses CRL retrieval agents include a HTTP receiver agent triggered by a 
HTTP request, said HTTP receiver agent verifies an authorization of the requester, if successful, 
said agent stores each transmitted CRL in the CRL databases (Aucsmith, col. 7, lines 12-42). 

Regarding to claim 7, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1, and further discloses CRL retrieval agents further verifies the integrity and the 
authenticity of the retrieved CRLs (Aucsmith, col. 3, lines 35-40). 
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Regarding to claim 8, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1, and further discloses a particular replication architecture is used among said plurality of 
CRL databases in order to maintain database consistency (Aucsmith, col. 3, lines 63-67). 

Regarding to claim 9, Aucsmith teaches all the claimed subject matters as discussed in 
claim 2, and further discloses a sub-and-spoke replication architecture is used among said central 
CRL database and said plurality of CRL replication databases (Aucsmith, Fig. 2 & 5). 

Regarding to claim 10, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1 , and further discloses system is also adapted for consolidating and accessing at least one 
kind of black list (Aucsmith, col. 3, lines 14-22). 

Regarding to claim 11, Aucsmith discloses in a secure network implemented by digital 
certificates, a method for certificate revocation list (CRL) consolidation and access, wherein a 
plurality of certificate authorities (CAs) maintain and distribute the digital certificates revoked by 
themselves in the form of CRLs, and different CAs may use different CRL distribution 
mechanisms, said method comprising the steps of: 

creating a plurality of CRL retrieval agents based on the CRL distribution mechanisms of 
CAs, for consolidating the CRLs from multiple CAs; storing the consolidated CRLs from 
multiple CRL retrieval agents or the replications of CRLs into a plurality of CRL databases 
(Aucsmith, col. 14-34); and 

accessing the CRLs from the CRL databases by a uniform set of APIs (Aucsmith, col. 3, 
lines 35-45, "perform an invalidity confirmation process wherein the client communicates with 
the server 220 and requests a lookup to confirm the key's membership in invalidity database 
222"). 
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Regarding to claim 12, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1 1, and further discloses CRL databases include a central CRL database and a plurality of 
CRL replication database, said central CRL database for storing the consolidated CRLs from 
multiple CRL retrieval agents and said plurality of CRL replication database for storing the 
replications of the CRLs of the central database (Aucsmith, Fig. 2, 222 - "Invalidity Database", 
218 - "Local Invalidity Cache", col. 3, lines 53-67). 

Regarding to claim 13, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1 1, and further discloses consolidating and accessing all kinds of black lists (Aucsmith, 
col. 3, lines 14-22). 

Regarding to claim 14, Aucsmith teaches all the claimed subject matters as discussed in • 
claim 1 1, and further discloses an article of manufacture comprising a computer usable medium 
having computer readable program code means embodied therein for causing certificate 
revocation list (CRL) consolidation and access, the computer readable program code means in 
said article of manufacture comprising computer readable program code means for causing a 
computer to effect the steps of claim 1 1 (Aucsmith, Fig. 3, col. 4, lines 12-67). 

Regarding to claim 15, Aucsmith teaches all the claimed subject matters as discussed in 
claim 1 1 , and further discloses a computer program product comprising a computer usable 
medium having computer readable program code means embodied therein for causing certificate 
revocation list (CRL) consolidation and access, the computer readable program code means in 
said computer program product comprising computer readable program code means for causing a 
computer to effect the steps of claim 1 1 (Aucsmith, Fig. 3, col. 4, lines 12-67). 
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Regarding to claim 16, Aucsmith teaches all the claimed subject matters as discussed in 
claim 11, and further discloses a program storage device readable by machine, tangibly 
embodying a program of instructions executable by the machine to perform method steps for 
certificate revocation list (CRL) consolidation and access, said method steps comprising the 
steps of claim 1 1 (Aucsmith, Fig. 3, col. 4, lines 12-67). 

Regarding to claim 1 7, Aucsmith discloses a method comprising: 
employing a secure network implemented by digital certificates for certificate revocation 
list (CRL) consolidation and access, with a plurality of certificate authorities (CAs) maintaining 
and distributing the digital certificates revoked by themselves in the form of CRLs, wherein 
different CAs may use different CRL distribution mechanisms, including the steps of: creating a 
plurality of CRL retrieval agents based on the CRL distribution mechanisms of CAs, for 
consolidating the CRLs from multiple CAs; storing the consolidated CRLs from multiple CRL 
retrieval agents or the replications of CRLs into a plurality of CRL databases (Aucsmith, col. 14- 
34); and 

accessing the CRLs from the CRL databases by a uniform set of APIs (Aucsmith, col. 3, 
lines 35-45, "perform an invalidity confirmation process wherein the client communicates with 
the server 220 and requests a lookup to confirm the key's membership in invalidity database 
222"). 

Regarding to claim 18, Aucsmith teaches all the claimed subject matters as discussed in 
claim 17, and further discloses a program storage device readable by machine, tangibly 
embodying a program of instructions executable by the machine to perform method steps for 
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certificate revocation list (CRL) consolidation and access, said method steps comprising the 
steps of claim 17 (Aucsmith, Fig. 3, col. 4, lines 12-67). 

Regarding to claim 1 9, Aucsmith teaches all the claimed subject matters as discussed in 
claim 17, and further discloses an article of manufacture comprising a computer usable medium 
having computer readable program code means embodied therein for causing certificate 
revocation list (CRL) consolidation and access, the computer readable program code means in 
said article of manufacture comprising computer readable program code means for causing a 
computer to effect the steps of claim 17 (Aucsmith, Fig. 3, col. 4, lines 12-67). 

Regarding to claim 20, Aucsmith teaches all the claimed subject matters as discussed in 
claim 17, and further discloses a computer program product comprising a computer usable 
medium having computer readable program code means embodied therein for causing certificate 
revocation list (CRL) consolidation and access, the computer readable program code means in 
said computer program product comprising computer readable program code means for causing a 
computer to effect the steps of claim 17 (Aucsmith, Fig. 3, col. 4, lines 12-67). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chongshan Chen whose telephone number is (703) 305-8319. 
The examiner can normally be reached on Monday - Friday (8:00 am - 4:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y Vu can be reached on (703)305-4393. The fax phone numbers for the 
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organization where this application or proceeding is assigned are (703) 746-7239 for regular 
communications and (703) 746-7238 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703)305-3900. 

CC 

January 24, 2003 Atfhtf^^ 




